Latest Elevation of Privileges news

Windows Kernel bug fixed last month exploited as zero-day since August

Microsoft patched a high-severity Windows Kernel privilege escalation vulnerability in February, six months after being informed that the flaw was being exploited as a zero-day.
- Sergiu Gatlan
- March 02, 2024
- 10:09 AM
- 0
Microsoft: New critical Exchange bug exploited as zero-day

Microsoft warned today in an updated security advisory that a critical vulnerability in Exchange Server was exploited as a zero-day before being fixed during this month's Patch Tuesday.
- Sergiu Gatlan
- February 14, 2024
- 06:29 PM
- 1
Microsoft unveils new 'Sudo for Windows' feature in Windows 11

Microsoft introduced 'Sudo for Windows' today, a new Windows 11 feature allowing users to execute commands with elevated privileges from unelevated terminals.
- Sergiu Gatlan
- February 08, 2024
- 01:53 PM
- 2
Microsoft is bringing the Linux sudo command to Windows Server

Microsoft is bringing the Linux 'sudo' feature to Windows Server 2025, offering a new way for admins to elevate privileges for console applications.
- Lawrence Abrams
- February 04, 2024
- 12:26 PM
- 5
Exploit released for Android local elevation flaw impacting 7 OEMs

A proof-of-concept (PoC) exploit for a local privilege elevation flaw impacting at least seven Android original equipment manufacturers (OEMs) is now publicly available on GitHub. However, as the exploit requires local access, its release will mostly be helpful to researchers.
- Bill Toulas
- January 31, 2024
- 02:15 PM
- 2
CISA: Critical Microsoft SharePoint bug now actively exploited

CISA warns that attackers are now exploiting a critical Microsoft SharePoint privilege escalation vulnerability that can be chained with another critical bug for remote code execution.
- Sergiu Gatlan
- January 12, 2024
- 02:24 PM
- 0
Russian hackers exploiting Outlook bug to hijack Exchange accounts

Microsoft's Threat Intelligence team issued a warning earlier today about the Russian state-sponsored actor APT28 (aka "Fancybear" or "Strontium") actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts and steal sensitive information.
- Bill Toulas
- December 04, 2023
- 03:14 PM
- 0
Hackers exploit Looney Tunables Linux bug, steal cloud creds

The operators of the Kinsing malware are targeting cloud environments with systems vulnerable to "Looney Tunables," a Linux security issue identified as CVE-2023-4911 that allows a local attacker to gain root privileges on the system.
- Bill Toulas
- November 06, 2023
- 03:26 PM
- 0
Microsoft Exchange gets ‘better’ patch to mitigate critical bug

The Exchange Team asked admins to deploy a new and "better" patch for a critical Microsoft Exchange Server vulnerability initially addressed in August.
- Sergiu Gatlan
- October 10, 2023
- 04:03 PM
- 0
Apple emergency update fixes new zero-day used to hack iPhones

Apple released new emergency security updates on Wednesday to patch two new zero-day vulnerabilities known to be exploited in attacks.
- Sergiu Gatlan
- October 04, 2023
- 02:19 PM
- 9
New 'Looney Tunables' Linux bug gives root on major distros

A new Linux vulnerability, known as 'Looney Tunables' and tracked as CVE-2023-4911, enables local attackers to gain root privileges by exploiting a buffer overflow weakness in the GNU C Library's ld.so dynamic loader.
- Sergiu Gatlan
- October 03, 2023
- 04:36 PM
- 0
Exploit released for Microsoft SharePoint Server auth bypass flaw

Proof-of-concept exploit code has surfaced on GitHub for a critical authentication bypass vulnerability in Microsoft SharePoint Server, allowing privilege escalation.
- Sergiu Gatlan
- September 29, 2023
- 02:06 PM
- 0
New stealthy techniques let hackers gain Windows SYSTEM privileges

Security researchers have released NoFilter, a tool that abuses the Windows Filtering Platform to elevate a user's privileges to increases privileges to SYSTEM, the highest permission level on Windows.
- Ionut Ilascu
- August 23, 2023
- 02:30 PM
- 0
Super Admin elevation bug puts 900,000 MikroTik devices at risk

A critical severity 'Super Admin' privilege elevation flaw puts over 900,000 MikroTik RouterOS routers at risk, potentially enabling attackers to take full control over a device and remain undetected.
- Bill Toulas
- July 25, 2023
- 06:08 PM
- 3
Google Cloud Build bug lets hackers launch supply chain attacks

A critical design flaw in the Google Cloud Build service discovered by cloud security firm Orca Security can let attackers escalate privileges, providing them with almost nearly-full and unauthorized access to Google Artifact Registry code repositories.
- Sergiu Gatlan
- July 18, 2023
- 09:00 AM
- 0
Exploit released for Cisco AnyConnect bug giving SYSTEM privileges

Proof-of-concept exploit code is now available for a high-severity flaw in Cisco Secure Client Software for Windows (formerly AnyConnect Secure Mobility Client) that can let attackers elevate privileges to SYSTEM.
- Sergiu Gatlan
- June 21, 2023
- 05:49 PM
- 0
Microsoft fixes Azure AD auth flaw enabling account takeover

Microsoft has addressed an Azure Active Directory (Azure AD) authentication flaw that could allow threat actors to escalate privileges and potentially fully take over the target's account.
- Sergiu Gatlan
- June 20, 2023
- 12:38 PM
- 0
Cisco fixes AnyConnect bug giving Windows SYSTEM privileges

Cisco has fixed a high-severity vulnerability found in Cisco Secure Client (formerly AnyConnect Secure Mobility Client) software that can let attackers escalate privileges to the SYSTEM account used by the operating system.
- Sergiu Gatlan
- June 07, 2023
- 02:29 PM
- 0
Windows zero-day vulnerability exploited in ransomware attacks

Microsoft has patched a zero-day vulnerability in the Windows Common Log File System (CLFS), actively exploited by cybercriminals to escalate privileges and deploy Nokoyawa ransomware payloads.
- Sergiu Gatlan
- April 11, 2023
- 03:23 PM
- 1
CISA orders agencies to patch Backup Exec bugs used by ransomware gang

On Friday, U.S. Cybersecurity and Infrastructure Security Agency (CISA) increased by five its list of security issues that threat actors have used in attacks, three of them in Veritas Backup Exec exploited to deploy ransomware.
- Ionut Ilascu
- April 07, 2023
- 05:07 PM
- 0